<?php
/***************
* @Project	Warabi
* @Author	Feifei
* @Date		01/31/2010
***************/

/**This module is to deal the app get card invitation list in one week**/
include_once($_SERVER['DOCUMENT_ROOT'].'/header.inc.php');

$httprequest = new wbHttpRequest();

list($headers , $body) = $httprequest->output();

$sender_name = rawurldecode($_GET["sender"]);

/***if the sender name is empty**/
if(empty($sender_name)){
	header(error_url_param_missing);
	exit;
}

/**if the sender doesn't exist in database , give a 400 response**/
$db = new wbDatabase();
$sql = "select * from ".__table_app_user__." where username='".$sender_name."'";
$set = $db->query($sql);

if($db->countResult($set)==0){
	header(error_url_param_missing);
	exit;
}

/** wsse authorize **/
/***if the wsse is wrong , give a 401 unauthorized response**/
$xwsse = $headers["X_WSSE"];
$type=0;
$doorkey = magicWsse($xwsse , $db , $type);

if(!$doorkey){
	header(error_autorized_header);
	exit;
}


/** get the dpf list **/
global $wbInvitationUri ;
global $wbListLimit;

$sql = "select * from ".__table_card_info__." , ".__table_card_list__." 
		where ".__table_card_info__.".id = ".__table_card_list__.".cardInfoId
		and ".__table_card_list__.".sender = '".$sender_name."'
		and sendDate>date_sub(now() , interval ".(sent_expire_time.' '.expire_unit).")
		order by id desc";
$set = $db->query($sql);
$result = array();
while($oneres = $db->fetchResultBySet($set ,MYSQL_ASSOC)){
	$arr = array(
		"id" => $oneres["cardListId"],
		"receiver" => $oneres["receiver"],
		"description" => $oneres["description"],
		"date" => $oneres["sendDate"],
		"photo" => $oneres["photoNumber"],
		"flag" => getInviteFlag($oneres["deleteFlag"],0,$oneres["readFlag"]),
		"link" => $wbInvitationUri."?from=ap&cardid=".rawurlencode($oneres["cardListId"])
	);
	$result[] = $arr;
}
$db->freeResult($set);
$db->disconnect();

/***put the response to the client**/
$tid = getTid();
$resBody = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>";
$resBody .= "<entry>";
$resBody .= "<tid>".$tid."</tid>";
foreach($result as $invitation){
	$resBody .= "<invite>";
	$resBody .="<id>".$invitation["id"]."</id>";
	$resBody .= "<to>".xmlencode($invitation["receiver"])."</to>";
	$resBody .="<description>".xmlencode($invitation["description"])."</description>";
	$resBody .="<date>".$invitation["date"]."</date>";
	$resBody .="<photo>".$invitation["photo"]."</photo>";
	$resBody .="<flag>".$invitation["flag"]."</flag>";
	$resBody .="<link>".xmlencode($invitation["link"])."</link>";
	$resBody .= "</invite>";
}
$resBody .= "</entry>";

header(success_response);
header('Content-Type: text/xml');
header('Content-Length: '.strlen($resBody));
echo $resBody;

?>